DEV Community: David Nanjila

Step-by-Step Guide to Setting Up Terraform, AWS CLI, and Your AWS Environment

David Nanjila — Tue, 24 Mar 2026 14:17:36 +0000

If you're just getting started with infrastructure as code, the first few hours can feel like you're assembling furniture without the instruction manual. You know the end goal — a working Terraform setup connected to AWS — but the path there involves a surprising number of small decisions that can trip you up if you're not careful.

This post walks through exactly what I did to get my environment up and running: AWS account setup, IAM configuration, AWS CLI installation, and finally connecting Terraform to AWS. Whether you're brand new to this or you've done bits of it before but never cleanly all at once, I'll share what I learned along the way — including the stuff I wish someone had told me upfront.

What We're Setting Up

Before we dive in, here's the full picture of what we're building across these three labs:

Lab 1: Set up your AWS account with proper IAM and billing configuration
Lab 2: Install and configure the AWS CLI
Lab 3: Install Terraform and connect it to AWS

Let's go step by step.

Lab 1: AWS Account Setup — Don't Skip the IAM and Billing Parts

If you already have an AWS account, you might be tempted to skip this section entirely. I'd actually encourage you not to — or at least skim it — because the IAM and billing setup tips here are genuinely worth your time, even if you've had an account for years.

Creating Your AWS Account

Head to aws.amazon.com and sign up. You'll need a credit card, but AWS has a generous free tier that covers most of what we'll be doing here. The signup process is straightforward, so I won't belabor it.

What does matter is what you do immediately after you log in for the first time.

Lock Down Your Root Account — Seriously

When you first create an AWS account, you log in as the root user. This account has unrestricted access to everything in your AWS environment — billing, account settings, all services, all regions. No guardrails. No limits.

You should never use the root account for day-to-day work.

The first thing to do is secure it:

Enable Multi-Factor Authentication (MFA) on the root account

click enable MFA and you can use authentication app to add your MFA authentication code

Create a strong password and store it somewhere safe (a password manager)
Then step away from the root account and don't look back, Proceed to set up an IAM user.

Setting Up IAM — The Right Way

IAM (Identity and Access Management) is how AWS controls who can do what in your account. Instead of using root credentials, you create IAM users with specific permissions.

Here's the setup I used:

Navigate to IAM in the AWS Console( search and click on I AM)

Create a new IAM user (I named mine something like nanjila-terraform to keep it obvious) Click on users on the left menu and then click create user on top right.

Give your user an appropriate name and then check the provide user access to the aws management console box. Why? This is to allow the user to login to the console and also be able to connect to your console programmaticaly.
Leave everything as default and then click next to set the user permission

Attach the AdministratorAccess policy — this gives full access but is still safer than root because it's auditable and can be revoked Click on te attach policy directly and search for the, in the search bar, type admin and click the `administrator access and click next to review and create the user. Once the user is created, click on the download .csv file to get the IAM user name and login password ** Don’t skip this ** save it, open it to get the url, username and password to login. Then click on view user on top left
Click on Security credentials,click create access key on your right or scroll down and then click create an Access Key you'll need this for the CLI and Terraform

For use case, select command line access and then confirm the check box as shown below.

Leave everything as default and then click create access key
Download or copy the Access Key ID and Secret Access Key somewhere safe. You only get one chance to see the secret key.
Remember to read the access key best practices

💡 What I learned when setting up the permissions : For a learning environment, AdministratorAccess is fine. In a real production setup, you'd want to follow the principle of least privilege, only granting the specific permissions Terraform actually needs. Something to keep in mind as you grow.

Set Up a Billing Alert/ Zero spend budget

Before you do anything else, set up a billing alert. AWS costs can sneak up on you, especially when you're experimenting.

Go to Billing and Cost Management in the console
Navigate to Budgets and create a budget
Set a threshold that makes sense for you — even $0.01 or $1 is enough to get an email before things spiral

This took five minutes and has saved me from more than one surprise at the end of the month.

Lab 2: Installing and Configuring the AWS CLI

With your IAM user and access keys ready, the next step is getting the AWS CLI installed so you can interact with AWS from your terminal.

Installing the AWS CLI

The installation process varies slightly by OS:AWS provides a very good documentation for this I followed the documentation and it felt so easy to install, you can check the documentation and follow through depending with your Operating system.

Configuring the CLI

Now connect the CLI to your IAM user:
Run the following command
bash aws configure
You'll be prompted for four things:
Open the .csv access key file you downloaded and then copy and paste in the details required.

AWS Access Key ID [None]: YOUR_ACCESS_KEY_ID AWS Secret Access Key [None]: YOUR_SECRET_ACCESS_KEY Default region name [None]: us-east-1 Default output format [None]: json
Use the access key you created for your IAM user — not root credentials.
This stores your credentials in ~/.aws/credentials and your config in ~/.aws/config. You can open those files and inspect them directly if you want to see what's happening under the hood.

Verify It's Working

Test your connection with a simple command:

bash aws sts get-caller-identity

If everything is configured correctly, you'll get back a JSON response showing your Account ID, User ID, and ARN. If you see your IAM user's ARN in there as shown above, you're good to go.

Lab 3: Installing Terraform and Connecting It to AWS

Installing Terraform

You can follow this official terraform documentation for easy installation

VSCode Extensions I'm Using

If you're writing Terraform in VSCode (and you should be — the experience is genuinely good), here are the extensions I installed:

HashiCorp Terraform for syntax highlighting, IntelliSense, and formatting for .tf files
AWS Toolkit — connect to AWS services directly from VSCode, browse resources, and manage credentials.
GitLens — Git supercharged — enhances Git functionality; it is considered essential ("non-negotiable") for managing your Terraform code, ensuring that all changes are properly tracked and controlled using version control.

Connecting Terraform to AWS

This is where it all comes together — and it's also where we learn something important about how Terraform authenticates.

How Terraform Authenticates with AWS

Terraform uses the AWS provider to interact with AWS. When you run terraform apply, it needs credentials to make API calls on your behalf. There are a few ways it can get those credentials, and understanding the order matters:

Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
Shared credentials file (~/.aws/credentials) — what aws configure set up
IAM roles (when running on EC2 or in CI/CD pipelines)
Hardcoded in the provider block — please don't do this this is not recommended practice as I was learning through

Because I already ran aws configure, Terraform automatically picks up my credentials from ~/.aws/credentials. No extra configuration needed in the Terraform code itself. This is the cleanest approach for local development.

Key points: What Would Happen If You Used Root Credentials?

Technically, it would work. Terraform doesn't care whether the credentials belong to root or an IAM user, it just needs valid credentials with the right permissions.

Why it's a bad idea: Root credentials are the keys to the kingdom. If those credentials were ever leaked — committed to a public GitHub repo, exposed in logs, intercepted, an attacker would have unrestricted access to your entire AWS account. They could spin up resources, exfiltrate data, rack up a massive bill, or delete everything. There's no way to scope or limit root access. You can't say "these root credentials can only touch EC2" root is Root means everything.

With an IAM user, you can:

Scope permissions to only what's needed
Rotate credentials without affecting other users or services
Disable or delete the user if credentials are compromised
Audit exactly what that user has done via CloudTrail

There's also a practical reason: AWS explicitly recommends against using root credentials for programmatic access. It's considered a security misconfiguration, and tools like AWS Security Hub will flag it.

The rule is simple: root credentials stay in the safe. IAM credentials do the work.

Finally : Common Mistakes to Avoid

A few things that can trip you up and cost you time:

Using root credentials in aws configure — Use your IAM user's access keys instead
Committing credentials to Git — Add .terraform/ and any .tfvars files containing secrets to your .gitignore from day one
Skipping the billing alert — Takes five minutes, potentially saves you hundreds of dollars
Not pinning your Terraform provider version — Using ~> 5.0 instead of just aws prevents unexpected breaking changes when the provider updates
Forgetting to run terraform init after adding a provider — It won't work without it; init downloads the provider plugins

Getting started with terraform on AWS, a practical guide

David Nanjila — Tue, 17 Mar 2026 20:13:50 +0000

Getting Started with Terraform on AWS: Infrastructure as Code the Right Way

David Nanjila ・ Mar 17

#30dayterraformchallenge #terraform #hashicorp #awsusergroupkenya

Getting Started with Terraform on AWS: Infrastructure as Code the Right Way

David Nanjila — Tue, 17 Mar 2026 20:02:20 +0000

A practical guide to setting up Terraform and AWS CLI on Ubuntu — from zero

Why you should Start Caring About Infrastructure as Code

Let me paint a picture that might sound familiar.

You're deploying an application. You spin up an EC2 instance manually through the AWS console, configure a security group, set up an S3 bucket, tweak some IAM permissions — and everything works.

Two weeks later, you need to do the exact same thing for a staging environment. You click through the console again, trying to remember every setting you configured the first time. Did you allow port 443? Which AMI did you use? Why is staging behaving differently from production?

Sound familiar? That's exactly the problem Infrastructure as Code (IaC) solves — and it's why I decided to get serious about Terraform.

What Is Infrastructure as Code, Really?

It is exactly what it sounds like — instead of manually clicking through consoles or running one-off commands to provision your infrastructure, you write code that describes what your infrastructure should look like, and it handles the rest(infrastructure provisioning and state management).

But it's more than just automation. IaC fundamentally changes how you think about infrastructure:

Consistency — your dev, staging, and production environments are built from the same code. No more "but it works on my environment" problems
Speed and scale — need 10 servers instead of 1? Change a number in your config and apply. Done
Version control — your infrastructure lives in Git just like your application code. You can see who changed what, when, and why
Repeatability — destroy everything and rebuild it identically in minutes
Cloud flexibility — IaC works both on-premises and across public cloud providers, giving you a consistent workflow regardless of where your infrastructure lives.
Multi-cloud - IaC tool i.e terraform, can be used by all the cloud providers for infrastructure provisioning

The goal is simple: remove manual, error-prone tasks from your infrastructure workflow and replace them with something consistent, professional, and repeatable.

The there are many IaC tools but, in the next 30 days, we're focusing on Terraform on AWS — the starting point because the skills transfer across clouds.

What we are building on Day One (and what you will accomplish today)

✅ Terraform installed on Ubuntu

✅ Shell autocompletion enabled for Terraform

✅ AWS CLI installed and configured

✅ A working connection between Terraform and your AWS account

Let's get into it.

Prerequisites

Before we start, make sure you have:

An Ubuntu machine (I'm running Ubuntu 22.04 LTS — steps are similar for 20.04)
An AWS account (free tier works perfectly for learning)
An IAM user with programmatic access (we'll touch on this)
Basic comfort with the terminal

Beginner tip: If you're brand new to the terminal, don't worry. Every command I run, I'll explain what it's doing and why.

Step 1: Installing Terraform on Ubuntu

HashiCorp provides an official package repository for Ubuntu, which is the cleanest way to install Terraform. This means you'll also get updates automatically through apt.

1.1 Install Required Dependencies

First, let's make sure we have the tools needed to add a new package repository:

sudo apt-get update && sudo apt-get install -y gnupg software-properties-common

What this does:

apt-get update — refreshes your local package list
gnupg — allows us to verify the authenticity of the HashiCorp package
software-properties-common — gives us tools to manage additional repositories

1.2 Add the HashiCorp GPG Key

We need to verify that the packages we're downloading are genuinely from HashiCorp:

wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null

1.3 Add the Official HashiCorp Repository

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list

What's happening here? $(lsb_release -cs) automatically detects your Ubuntu version (e.g., jammy for 22.04, focal for 20.04) so the right packages are pulled. Neat.

1.4 Install Terraform

sudo apt-get update && sudo apt-get install terraform

1.5 Verify the Installation

terraform -version

You should see output similar to:

If you see that version output — Terraform is installed.

Step 2: Enable Terraform Autocompletion

This is a small step that makes a big difference in your day-to-day workflow. Autocompletion lets you press Tab to complete Terraform commands, subcommands, and flags — massive time saver.

2.1 Install the Autocomplete Package

terraform -install-autocomplete

It does not return any output

2.2 Reload Your Shell

exec $SHELL

Or simply close and reopen your terminal.

Test It

Type terraform in your terminal, then press Tab twice. You should see a list of available commands pop up:

As Terraform projects grow, you'll be working with longer resource names and module paths where tab completion saves you from a lot of typos.

Step 3: Installing the AWS CLI on Ubuntu

Terraform needs to communicate with AWS on your behalf. The AWS CLI handles authentication and provides the credentials Terraform will use. Let's get it installed.

3.1 Download the AWS CLI v2 Installer

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

3.2 Unzip the Installer

sudo apt-get install unzip -y
unzip awscliv2.zip

3.3 Run the Installer

sudo ./aws/install

3.4 Verify the Installation

aws --version

Expected output:

Step 4: Configuring the AWS CLI

Now we need to connect the AWS CLI to your actual AWS account. To do this, you'll need an IAM user with programmatic access.

4.1 Create an IAM User (Quick Overview)

If you haven't already:

Log into your AWS Console
Navigate to IAM → Users → Create User
Give the user a name (e.g., terraform-admin)
Under Permissions, attach the AdministratorAccess policy (for learning — tighten this for production)
After creating the user, go to Security Credentials → Create Access Key
Choose CLI as the use case
Download or copy your Access Key ID and Secret Access Key — you won't see the secret again

Security note: Never commit your AWS credentials to Git. Never. I mean it. We'll talk about safer approaches as you progress, but for now — keep those keys safe.

4.2 Configure the AWS CLI

Run the configuration wizard:

aws configure

You'll be prompted for four things:

AWS Access Key ID [None]: YOUR_ACCESS_KEY_ID
AWS Secret Access Key [None]: YOUR_SECRET_ACCESS_KEY
Default region name [None]: us-east-1
Default output format [None]: json

A few notes:

Replace us-east-1 with your preferred AWS region (e.g., eu-west-1 for Europe, ap-southeast-1 for Asia Pacific)
Output format json is generally the most useful for scripting and readability or leave it blank.

4.3 — Verify Your AWS Connection

Let's confirm the CLI can actually talk to AWS:

aws sts get-caller-identity

If everything is configured correctly, you'll see something like:

That response means your CLI is authenticated and talking to AWS.
That is all for today, let meet tomorrow even as we dive deeper.

Common Mistakes to Avoid Early On

I'd rather you learn from these now than discover them at 2am:

1. Storing credentials in your Terraform files

Never hardcode your access_key and secret_key directly in your .tf files. Terraform automatically picks up credentials from aws configure — let it do that.

2. Not running terraform init after adding providers

Every time you add a new provider or module, run terraform init again. It's easy to forget and the error messages can be confusing.

3. Skipping terraform plan before terraform apply

Always run terraform plan first. It shows you exactly what Terraform is about to do — think of it as a dry run. This habit will save you from some very expensive surprises.

4. Using AdministratorAccess in production

Fine for learning, not fine for real workloads. As you get more comfortable, practice least-privilege IAM permissions.

What's Next?

Now that your environment is set up, you're ready to start writing real Terraform code. In upcoming posts, I'll be covering:

Writing your first Terraform resource (spinning up an EC2 instance)
Understanding Terraform state and why it matters
Variables, outputs, and keeping your code reusable
Remote state with S3 and DynamoDB for team environments

The foundation is in place. Everything from here is building on top of it.

Wrapping Up

Setting up your Terraform and AWS environment on Ubuntu is genuinely straightforward once you know the steps — and now you do. What used to take me a while to piece together from different docs is now a repeatable process I can set up in under 15 minutes.

That's the whole point of Infrastructure as Code. Once you do something right, you codify it, and you never have to figure it out from scratch again.

If you ran into any issues or have questions about any of the steps, drop them in the comments below. And if this was helpful, share it with someone else who's just getting started on their cloud and DevOps journey — we all start somewhere.

Happy building.

Found this useful? Follow along for more hands-on DevOps and cloud content.

Your Server Just Caught Fire – But Your App’s Still Running: The EC2 Superpower

David Nanjila — Mon, 11 Aug 2025 18:38:20 +0000

Introduction
Imagine this: You run a small e-commerce site. It’s Black Friday, traffic is flooding in… and your main server suddenly crashes. Normally, this means lost sales, angry customers, and a long night for your IT team. But with Amazon EC2 (Elastic Compute Cloud), your app keeps running because your servers aren’t tied to a single machine — they live in the AWS cloud, spread across multiple data centers.
That’s the power of EC2, flexible, on-demand virtual servers you can launch or resize in minutes, backed by the scale and reliability of Amazon Web Services. AWS offers hundreds of services, but EC2 is its compute backbone — whether you’re hosting websites, processing data, or running machine learning models.

Real-World Scenario: What Happens When Your Laptop Dies Mid-Presentation?
Imagine you’re in the middle of a critical client presentation. Your laptop fan starts screaming, the screen goes black, and… nothing. No backups on a USB, no files on the local drive.

Normally, that’s game over.

But if your systems run on Amazon EC2, it’s just a mild inconvenience — you log in from another device and your work is right there, unaffected.
That’s the beauty of cloud computing — your business keeps moving even if your hardware fails.

Whether you're a student testing your first app, a mid-level engineer running internal tools, or a seasoned architect deploying enterprise workloads, EC2 removes the single point of failure: your personal device.

You might be asking how I can learn AWS?
The official AWS learning platform is AWS Skill Builder.

Offers free and subscription learning paths for all skill levels.
Includes AWS Cloud Quest — a gamified learning experience where you complete real-world scenarios in a virtual city.
Lets you prepare for AWS Certifications with practice exams and interactive labs.

If you want to learn EC2 in a way that sticks, Cloud Quest is a great start because it forces you to actually deploy, connect, and manage instances, not just read about them.

Most Common EC2 Use Cases (From Cloud Quest’s First Exercise)
In the very first AWS Cloud Quest EC2 mission, you’re tasked with launching two EC2 instances in different Availability Zones for high availability. This simple exercise teaches key scenarios where EC2 shines:

High Availability Websites & Apps — keep running even if one data center fails.
On-Demand Scaling — add or remove instances as traffic changes.
Global Reach — deploy in multiple AWS Regions to serve users faster.
Quick Recovery — replace a failed server in minutes without touching hardware.

Best Practices to Follow (From Official AWS Resources)
AWS recommends these EC2 best practices (all reinforced in Cloud Quest):

Deploy Across Multiple AZs – Improves fault tolerance and resilience.
Use Auto Scaling – Automatically add or remove instances to match demand.
Secure with IAM Roles & Security Groups – Grant least-privilege access using IAM roles and security groups to tightly control network traffic.
Right-Size Your Instances – Choose instance types that match your workload; adjust as needs change.
Automate Backups – Use Amazon Machine Images (AMIs) and snapshots for quick recovery.
Monitor & Optimize – Track usage with Amazon CloudWatch; optimize cost with Spot Instances and Savings Plans.

What I Learned from Cloud Quest’s First EC2 Exercise

EC2 setup isn’t just “launch and forget” — you need to plan placement (AZs), security rules, and key pairs before launch.
AWS services are deeply integrated — while setting up EC2, you naturally interact with networking, storage, and monitoring tools.
The game forces you to think like a real AWS engineer — considering cost, resilience, and scalability from the start.

Conclusion
Amazon EC2 is more than just “a server in the cloud” — it’s a platform for building resilient, scalable, and global applications without owning a single physical machine.
AWS Cloud Quest makes this real by putting you in scenarios that mirror what happens in production environments. By the time you’ve finished the first few quests, you’ll not only know how to launch EC2 instances — you’ll know why you launch them the way AWS best practices suggest.

[Boost]

David Nanjila — Mon, 04 Aug 2025 21:52:07 +0000

David Nanjila

Aug 4 '25

Your Files Just Vanished... And Amazon S3 Could Have Saved You!

#s3 #aws

Comments 2

7 min read

Your Files Just Vanished... And Amazon S3 Could Have Saved You!

David Nanjila — Mon, 04 Aug 2025 21:42:16 +0000

The Storage Crisis Every Business Faces (And How to Never Face It Again)

The Nightmare Scenario
Picture this: It’s Black Friday, your company’s biggest sales day of the year. Your e‑commerce website is experiencing 10× normal traffic when suddenly… crash. Your traditional web server buckles under the pressure, customers can’t access your site, and you’re watching potential revenue evaporate by the minute.

But here’s an even worse scenario: You’re peacefully working on your laptop when suddenly it dies completely. Years of work, family photos, business documents – all gone in an instant. The panic sets in as you realize your last backup was… when exactly?
These aren’t hypothetical disasters. They happen every day to businesses and individuals who haven’t discovered the power of Amazon S3. Today, I’ll show you how S3 can transform these nightmares into minor inconveniences.

What Makes S3 a Game‑Changer?
Amazon Web Services (AWS) didn’t just create another storage service when they launched S3 – they revolutionized how we think about data storage and website hosting. S3 isn’t just storage; it’s a highly durable, infinitely scalable platform that can serve as the backbone for everything from simple websites to enterprise data lakes.

Here’s what sets S3 apart:

99.999999999 % (11 9’s) durability – Your data is virtually indestructible
Automatic scaling – Handles traffic spikes from 10 visitors to 10 million without breaking a sweat
Global availability – Access your data from anywhere, anytime
Intelligent cost optimization – Automatically moves data to cheaper storage classes based on access patterns

Unlike traditional servers that crash under pressure, S3 automatically scales to handle virtually unlimited traffic, ensuring your website stays online when it matters most.

How to Master AWS S3: Your Learning Roadmap
The best way to master AWS is through hands‑on experience combined with structured learning. Here’s my battle‑tested approach:

Start with AWS SkillBuilder and the Free AWS Cloud Practitioner Essentials course.

Hands‑on labs and Cloud Quest – Gamified learning that makes complex concepts stick
Subscription for advanced courses and practice exams

Get Your Hands Dirty

Create a free AWS account and explore the Free Tier
Follow AWS documentation step‑by‑step tutorials
Join AWS community forums and local user groups
Build actual projects, not just follow tutorials
Consider AWS certifications like the AWS Certified Cloud Practitioner

Pro tip: Don’t just watch videos – build Muscle memory from navigating the console.

The Most Powerful S3 Use Cases

Based on real‑world implementations and AWS Cloud Quest exercises, these are the most compelling ways to leverage S3:

Static Website Hosting

Transform your website hosting from a liability into an asset:

Perfect for blogs, portfolios, documentation sites, marketing pages
Zero server maintenance, automatic scaling, 99.99 % uptime
Works seamlessly with Amazon CloudFront Content Delivery Network(CDN) for lightning‑fast global delivery.
Cost: Under \$5/month

Bulletproof Data Backup and Archival

Never lose important data again:

11 9’s durability means your data is safer than in most vaults
Multiple storage classes optimize cost based on access frequency
Lifecycle policies to move old data to cheaper tiers, learn more here
Cross‑Region Replication protects against regional disasters

Global Content Distribution

Serve images, videos, docs at scale:

Use CloudFront edge locations for ultra-fast delivery
Version control and granular IAM permissions for governance
Automatic compression and optimization reduce bandwidth

Data Lakes and Big Data Analytics

Store structured + unstructured data at any scale:

Integrates with Athena, Redshift, EMR
Supports multiple formats: JSON, Parquet, CSV
Query data directly from S3 without moving it to databases

Modern Application Storage

Build cloud-native apps from the ground up:

Mobile/web apps can upload/download directly to S3
RESTful APIs integrate with any platform or language
Event‑driven processing triggers workflows (e.g. Lambda)
Serverless – No thinking about patches or scaling

Step‑by‑Step: Host Your Website on S3 in 5 Minutes
Ready to see S3 work? Here’s your checklist: Ensure you have created a free tier aws account here
Ensure you have a static website files with you. Make sure it has an index.html file.

✅ Step 1: Log in to your aws management console using your email and password.

✅ Step 2: Type s3 in the search bar as shown below and then click on s3 to open aws s3 landing page

✅ Step 3: Click on create a bucket and create a bucket using a unique name e.g "your-firstname_3234343" the name unique. Ensure to add some random numbers to make the name of your bucket unique.

Uncheck block all public access for this bucket and check and confirm as show

Scroll down and then click create bucket.
Once successful you will see a green banner at the top with a bucket created successful message, click on view details on the banner to see the bucket details.

✅ Step 4: On the bucket details page, click on upload then add files to add files, it will open your local machine, select the static files of your website and then click upload at your bottom right to upload them

✅ Step 5: After you have successfully uploaded you files, click on the properties, then scroll down, you will see static website hosting currently disable, click edit and select enable radio button.

Fill in the index document as index.html and error document and error.html. Scroll down and click save changes.

✅ Step 6: set the backet policy to allow anyone to access the object in the bucket.

Click on the permissions, edit bucket policy, copy the policy a bellow and paste it, change the "your-bucket-name" your the name of your s3 bucket. Scroll down and click saver changes

 {
   "Version": "2012-10-17",
   "Statement": [
     {
       "Sid": "PublicReadGetObject",
       "Effect": "Allow",
       "Principal": "*",
       "Action": "s3:GetObject",
       "Resource": "arn:aws:s3:::your-bucket-name/*"
     }
   ]
 }

Click on properties and scroll down to the static website hosting and you static website live when you click on the link bucket website endpoint.

You can see the static website ready and it is now accessible all the world.

The format of your static website will be as shown below:

http://your-unique-website-name.s3-website-region.amazonaws.com

Bonus: Add the CloudFront CDN for HTTPS and global performance, then point your custom domain using Route 53.

Battle‑Tested Best Practices
Following AWS Well‑Architected Framework best practices can save a ton of headaches. Learn more here: AWS Well‑Architected Framework

Security First

Enable bucket versioning – Undo accidental deletions
Use IAM roles and policies to enforce least privilege.
Enable encryption – SSE‑S3 or SSE‑KMS for data at rest
Block public access by default; only make specific objects public
Use MFA delete – Higher security for important buckets

Performance Optimization

Deploy CloudFront – Cut latency by 60‑80 % globally
Smart object naming to avoid “hotspotting”
Use multipart uploads for large files (> 100 MB)
Enable Transfer Acceleration for fast uploads from distant locations

Cost Management That Actually Works

S3 Intelligent‑Tiering automatically moves objects based on access.
Implement lifecycle policies to shift older data to Glacier or Deep Archive
Use S3 Storage Lens to monitor and analyze usage
Regularly review access patterns and adjust storage classes quarterly

Reliability and Disaster Recovery

Set up Cross‑Region Replication for geo‑redundancy
Leverage S3 Event Notifications to trigger workflows + alerts
Use Amazon CloudWatch for monitoring and alarms
Build apps to tolerate eventual consistency

Operational Excellence

Maintain a consistent tagging strategy for cost tracking
Use Infrastructure as Code (CloudFormation, CDK) for repeatable deployments
Enable detailed logging using AWS CloudTrail and S3 server access logs
Create runbooks for common situations

The Paradigm Shift That Changes Everything
My first AWS Cloud Quest on S3 static website hosting was eye‑opening. It shifted my infrastructure mindset entirely.
Before S3, I lost sleep over capacity planning and patching schedules. I provisioned servers “just in case,” even when traffic spikes felt unpredictable. I held my breath every time big events rolled around.
With S3, all of that goes away: No patching, no over‑provisioning, no 3 AM panic texts. You get high uptime, broad availability, and pay‑as‑you‑go pricing that usually costs pennies for a simple project.

Savings are more than just dollars—they’re a shift in philosophy: From scaling servers to scaling architectural thinking.

Your Next Steps: From Theory to Practice

This Week

Create your AWS Free Tier account
Complete AWS Cloud Practitioner Essentials on SkillBuilder
Build your first S3‑hosted website using the checklist above

The Bottom Line
S3 is not just storage—it’s a new way to think about building for the cloud. Paired with CloudFront, Route 53, and Certificate Manager, you can build globally distributed, high‑availability systems that used to cost enterprise budgets.
The companies that thrive in the next decade won’t operate the largest server farms—they’ll master serverless, cloud‑native design. S3 is your gateway.

You don’t have to lose your files. Your website doesn’t have to crash. Your infrastructure doesn’t need to cost a fortune. S3 has solved these problems—and more.
The only question is: When will you start taking advantage of it?

❓ Ready to get started? Create your AWS Free Tier account today and build your first S3‑hosted website. Your future self will thank you—especially during the next Black Friday rush or even when your machine crashes and your data is stored in S3.

Bringing Back the 80s: My Journey Creating Robotron 2084 in HTML5 using AmazonQ CLI

David Nanjila — Mon, 07 Jul 2025 13:35:18 +0000

🕹️ The Nostalgia Hit

Remember the golden age of arcade gaming? The satisfying click of buttons, the glow of CRT monitors, and the pure adrenaline rush of defending humanity against endless waves of robots? That's exactly what inspired me to recreate Robotron 2084 - one of the most intense twin-stick shooters ever made.

🎮 PLAY THE GAME NOW - LIVE DEMO

🎯 Why Robotron 2084?

Released in 1982, Robotron 2084 was revolutionary. It introduced the twin-stick control scheme that's now standard in modern shooters, and its frantic "save the humans" gameplay created an emotional connection rarely seen in arcade games.

What makes it special:

Dual-stick controls: Move with one hand, shoot with the other
Moral complexity: You're not just surviving - you're protecting innocent lives
Escalating tension: Each wave gets exponentially harder
Pure skill-based gameplay: No power-ups, no gimmicks - just you vs the machines How Amazon Q Developer Transformed My Game Development Journey

🤖 The AI-Powered Development Experience

When I set out to create a retro game collection, I had no idea that Amazon Q Developer would become my most valuable coding companion. What started as a simple idea to recreate Robotron 2084 turned into a masterclass in AI-assisted development.

🎮 PLAY THE RESULT - LIVE DEMO

🚀 From Idea to Implementation in Record Time

The Challenge

I wanted to build:

A twin-stick shooter (Robotron 2084)
A memory game (Color Memory Challenge)
Professional documentation
A polished user experience

Traditional approach: Weeks of research, trial and error, debugging
With Amazon Q: Completed within a few hours with professional quality

🛠️ How Amazon Q Accelerated Development

1. Instant Code Generation

Instead of writing the whole code from scratch:

Me: "Help me create a twin-stick shooter game"

Amazon Q: Generated complete game architecture:

class Robotron2084 {
    constructor() {
        this.canvas = document.getElementById('gameCanvas');
        this.ctx = this.canvas.getContext('2d');
        this.player = { x: 400, y: 300, size: 8, speed: 3 };
        // Complete game state management
    }
}

2. Smart Problem Solving

When I needed collision detection:

Me: "The bullets aren't hitting robots properly"

Amazon Q: Immediately identified the issue and provided optimized solution:

checkCollisions() {
    this.bullets.forEach((bullet, bulletIndex) => {
        this.robots.forEach((robot, robotIndex) => {
            if (this.distance(bullet, robot) < bullet.size + robot.size) {
                // Perfect collision logic
            }
        });
    });
}

3. Professional File Organization

Me: "Help me separate HTML, CSS, and JavaScript files"

Amazon Q: Instantly restructured the entire project:

Created modular file architecture
Generated clean HTML structure
Separated styling into dedicated CSS files
Organized JavaScript into logical components

🎯 Specific Ways Amazon Q Helped

Code Quality & Best Practices

Suggested ES6 classes for better organization
Recommended requestAnimationFrame for smooth 60fps gameplay
Implemented efficient collision detection algorithms
Added proper error handling and edge cases

User Experience Design

Created landing page with clear instructions
Designed intuitive navigation between pages
Added responsive design for different screen sizes
Implemented accessibility features

Documentation Excellence

Generated comprehensive README with proper structure
Wrote professional blog posts
Added inline code comments for maintainability

💡 The Amazon Q Advantage

1. Context Awareness

Amazon Q understood my project goals and maintained consistency across all files. When I asked for a landing page, it automatically matched the retro aesthetic of the game.

2. Iterative Improvement

Me: "Add a back button to return to the landing page"

Amazon Q: Not only added the button but:

Styled it to match the game theme
Positioned it unobtrusively
Added hover effects
Updated documentation

3. Professional Polish

Amazon Q didn't just write code - it created a professional product:

Clean file structure
Consistent naming conventions
Proper version control practices
Marketing materials ready for publication

🔧 Technical Achievements with Amazon Q

Game Engine Features

60 FPS game loop with optimized rendering
Particle system for explosions and effects
Progressive difficulty with wave-based gameplay
Collision detection with pixel-perfect accuracy

Modern Web Standards

HTML5 Canvas for high-performance graphics
CSS3 animations and responsive design
Vanilla JavaScript with no external dependencies
Cross-browser compatibility

Professional Documentation

Technical documentation for developers
Blog posts for marketing and engagement
README with clear setup instructions

📈 Development Timeline Comparison

Without Amazon Q (Estimated):

Week 1-2: Research game development patterns
Week 3-4: Build basic game mechanics
Week 5-6: Debug collision detection and performance
Week 7-8: Create user interface and styling
Week 9-10: Write documentation and polish

With Amazon Q (Actual):

Complete Robotron 2084 game with all features
Add Color Memory Challenge game
Create landing page and navigation
Generate all documentation and blog posts
Polish, test, and deploy

Result: 10 weeks → 1 hours (100% time savings)

🚀 Lessons Learned

1. AI as a Coding Partner

Amazon Q isn't just a code generator - it's a development partner that understands context, suggests improvements, and maintains consistency.

2. Focus on Ideas, Not Implementation

Instead of getting bogged down in syntax and boilerplate, I could focus on game design and user experience.

3. Professional Quality from the first minute

Amazon Q's suggestions follow industry best practices, resulting in production-ready code immediately.

4. Documentation Matters

Amazon Q emphasized the importance of good documentation and made it effortless to create.

🔮 The Future of AI-Assisted Development

This project showed me that AI development tools like Amazon Q are game-changers:

Faster prototyping enables more experimentation
Higher quality code from the start
Better documentation improves maintainability
Professional polish without the time investment

💭 For Fellow Developers

If you're considering AI-assisted development:

Do This:

Be specific in your requests
Iterate and refine based on AI suggestions
Learn from the code AI generates
Focus on the big picture while AI handles details

Expect This:

Dramatic time savings on routine tasks
Higher code quality through best practices
Better documentation and organization
More time for creative problem-solving

🎯 Try It Yourself

🎮 PLAY THE GAMES
📁 VIEW SOURCE CODE

🔗 Connect & Discuss

Want to discuss AI-assisted development or game creation?

LinkedIn: David Nanjila
X (Twitter): @DavidNanji9396
GitHub: david-nanjila

💬 Join the Conversation

Have you used AI tools for development? What was your experience? Share your thoughts and let's discuss the future of AI-assisted coding!

Ready to supercharge your development with AI? Amazon Q Developer is waiting to transform your next project.

🚀 START YOUR AI DEVELOPMENT JOURNEY

Deploying Your First Server with Terraform on AWS: A Beginner's Guide

David Nanjila — Sun, 06 Jul 2025 21:29:15 +0000

## Introduction

Today marks Day 3 of my 30-Day Terraform Challenge, and what an exciting milestone it's been! I successfully deployed my first web server using Infrastructure as Code (IaC) with Terraform. If you're new to Terraform or cloud infrastructure, this post will walk you through the journey and key learnings from building basic AWS infrastructure from scratch.

What I Accomplished Today

1. Understanding Terraform Fundamentals

Provider Blocks: Learned how to configure AWS as my cloud provider
Resource Blocks: Mastered creating and managing AWS resources
Data Sources: Used data sources to fetch dynamic information like availability zones

2. Built Complete Infrastructure

I created a fully functional web server infrastructure including:

VPC (Virtual Private Cloud): My own private network in AWS
Public Subnet: Where my server lives with internet access
Internet Gateway: Enables internet connectivity
Security Group: Acts as a firewall for my server
EC2 Instance: The actual web server running Apache

The Architecture

Here's what I built:

Key Code Highlights

Setting Up the Provider

provider "aws" {
  region = "us-west-2"
}

Creating the VPC

resource "aws_vpc" "vpc" {
  cidr_block           = var.vpc_cidr
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags = {
    Name        = var.vpc_name
    Environment = "demo_environment"
    Terraform   = "true"
  }
}

Deploying the Web Server

resource "aws_instance" "web_server" {
  ami                         = data.aws_ami.amazon_linux.id
  instance_type               = var.instance_type
  subnet_id                   = aws_subnet.public_subnet.id
  vpc_security_group_ids      = [aws_security_group.web_server_sg.id]
  associate_public_ip_address = true

  user_data = <<-EOF
    #!/bin/bash
    yum update -y
    yum install -y httpd
    systemctl start httpd
    systemctl enable httpd
    echo "<h1>Hello from your first Terraform server!</h1>" > /var/www/html/index.html
  EOF

  tags = {
    Name        = var.instance_name
    Environment = "demo_environment"
    Terraform   = "true"
  }
}

Challenges I Overcame

1. Invalid Index Error

Got confused with resource naming when referencing subnets:

Error: Invalid index
The given key does not identify an element in this collection value.

Solution: Ensured the key names matched exactly between variable definitions and resource references.

What I Learned

1. Infrastructure as Code Benefits

Reproducibility: Can recreate the same infrastructure anywhere
Version Control: Infrastructure changes are tracked like code
Automation: No more manual clicking in AWS console

2. Terraform Best Practices

Use variables for flexibility
Tag all resources for better organization
Use data sources for dynamic values
Keep security groups restrictive but functional

3. AWS Networking Basics

VPCs provide isolated network environments
Subnets segment your network
Internet Gateways enable internet access
Security Groups act as virtual firewalls at instance level

The Result

After running terraform apply, I had:

✅ A fully functional web server
✅ Accessible via public IP
✅ Serving a custom HTML page
✅ All infrastructure defined as code

The server displays: "Hello from your first Terraform server!" along with its IP and instance ID.

Key Takeaways

Start Simple: Begin with basic infrastructure before adding complexity
Read Error Messages: Terraform provides clear error messages - read them carefully
Use Variables: Makes your code reusable and flexible
Test Incrementally: Apply changes step by step to catch issues early
Document Everything: Good naming and tags make infrastructure manageable

What's Next?

Tomorrow I'll be exploring more advanced Terraform features and expanding this infrastructure. The foundation is solid, and I'm excited to build upon it!

Resources Used

Book: Terraform: Up & Running on Amazon - Chapter 2
Labs:
- Configure AWS Terraform Providers
- Configure AWS Resource Blocks
Documentation:

Final Thoughts

Deploying your first server with Terraform feels like magic! What used to require multiple manual steps in the AWS console now happens with a single terraform apply command. The learning curve is worth it - Infrastructure as Code is definitely the way forward.

If you're starting your Terraform journey, don't be intimidated by the errors. They're learning opportunities that make you understand the underlying concepts better.

This post is part of my 30-Day Terraform Challenge. Follow along for more Infrastructure as Code adventures!

Infrastructure as Code (IaC): Revolutionizing DevOps

David Nanjila — Tue, 01 Jul 2025 19:09:27 +0000

Introduction

In today's rapidly evolving tech landscape, managing infrastructure efficiently has become a critical challenge for organizations of all sizes. Traditional methods of provisioning and managing infrastructure through manual processes and custom scripts are no longer sufficient to meet the demands of modern application development and deployment. This is where Infrastructure as Code (IaC) comes in as a game-changing approach.

What is Infrastructure as Code?

Infrastructure as Code (IaC) is a methodology that allows you to manage and provision your infrastructure through code rather than manual processes. Instead of clicking through console interfaces or running ad-hoc scripts, IaC enables you to define your infrastructure using configuration files that can be versioned, shared, and reused.

With IaC, infrastructure resources like virtual machines, networks, load balancers, and connection topologies are defined using a high-level configuration syntax. This approach makes it possible to manage your infrastructure using the same versioning systems you use for your application code, such as Git.

Key Benefits of Infrastructure as Code

1. Speed and Efficiency

IaC dramatically accelerates the infrastructure provisioning process. What used to take days or weeks to set up manually can now be accomplished in minutes or hours. This acceleration is crucial for organizations adopting DevOps practices and aiming for rapid delivery cycles.

2. Consistency and Standardization

By defining infrastructure through code, you eliminate the inconsistencies that arise from manual configurations. Every deployment follows the same pattern, reducing the "it works on my machine" syndrome and ensuring consistent environments across development, testing, and production.

3. Version Control and History

Infrastructure configurations can be stored in version control systems, providing a complete history of changes. This capability allows teams to:

Track who made what changes and when
Roll back to previous configurations if needed
Understand the evolution of the infrastructure over time

4. Cost Reduction

IaC reduces costs in multiple ways:

Automation reduces human error, which can be costly to fix
Resources can be provisioned only when needed and deprovisioned when not in use
Standardization leads to more efficient resource utilization

5. Risk Mitigation

With infrastructure defined as code, changes can be tested before being applied to production environments. This testing capability significantly reduces the risk of outages and security vulnerabilities.

6. Documentation as Code

The IaC configuration itself serves as documentation. New team members can quickly understand the infrastructure by reading the code, rather than relying on potentially outdated wiki pages or tribal knowledge.

7. Disaster Recovery

In case of a disaster, IaC allows you to quickly rebuild your entire infrastructure from scratch, ensuring business continuity and reducing downtime.

Terraform: A Leading IaC Tool

Among the various IaC tools available, HashiCorp's Terraform has emerged as one of the most popular choices. Terraform uses a declarative approach where you specify the desired end state of your infrastructure, and it figures out how to achieve that state.

Installing Terraform

Terraform installation is straightforward across different operating systems:

For Linux (Ubuntu/Debian)

# Add HashiCorp GPG key
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -

# Add HashiCorp repository
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"

# Update and install Terraform
sudo apt-get update && sudo apt-get install terraform

# Verify installation
terraform --version

For macOS (using Homebrew)

# Install Homebrew if not already installed
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Install Terraform
brew tap hashicorp/tap
brew install hashicorp/tap/terraform

# Verify installation
terraform --version

For Windows (using Chocolatey)

# Install Chocolatey if not already installed
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

# Install Terraform
choco install terraform

# Verify installation
terraform --version

Configuring AWS CLI for Terraform

Since Terraform works seamlessly with AWS, setting up the AWS CLI is essential for managing AWS resources:

1. Install AWS CLI

For Linux

# Download the installation file
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

# Unzip the installer
unzip awscliv2.zip

# Run the install program
sudo ./aws/install

# Verify installation
aws --version

For macOS

# Using Homebrew
brew install awscli

# Verify installation
aws --version

For Windows

# Using Chocolatey
choco install awscli

# Verify installation
aws --version

2. Configure AWS CLI

After installation, you need to configure AWS CLI with your credentials:

aws configure

You'll be prompted to enter:

AWS Access Key ID
AWS Secret Access Key
Default region name (e.g., us-west-2)
Default output format (json is recommended)

These credentials will be stored in ~/.aws/credentials and ~/.aws/config files, which Terraform will automatically use when interacting with AWS.

3. Best Practices for AWS Credentials

Never hardcode AWS credentials in your Terraform files
Use IAM roles for EC2 instances when possible
Consider using AWS Vault or similar tools for enhanced security
Regularly rotate your access keys
Use the principle of least privilege when creating IAM policies

Getting Started with Terraform and AWS

Once you have Terraform and AWS CLI set up, you can create your first Terraform configuration file:

# main.tf
provider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  tags = {
    Name = "terraform-example"
  }
}

To deploy this infrastructure:

# Initialize Terraform
terraform init

# Preview changes
terraform plan

# Apply changes
terraform apply

Conclusion

Infrastructure as Code represents a paradigm shift in how we manage and provision infrastructure. By treating infrastructure configuration as software code, organizations can achieve greater consistency, efficiency, and reliability in their deployments.

Terraform, with its declarative syntax and multi-cloud support, has become a go-to tool for implementing IaC. Combined with proper AWS configuration, it provides a powerful foundation for modern infrastructure management.

As you embark on your IaC journey, remember that the true value lies not just in the automation itself, but in the cultural and process changes that accompany it. Embrace version control, code reviews, and continuous integration for your infrastructure code, just as you would for application code.

Resources

Terraform Official Documentation

https://developer.hashicorp.com/terraform/docs
The official Terraform documentation, including guides, language references, and tutorials.

AWS Resources

https://registry.terraform.io/providers/hashicorp/aws/latest/docs

Learning and Tutorials

HashiCorp Learn - https://developer.hashicorp.com/terraform/tutorials